Serial number: AV25-688
Date: October 22, 2025
Updated: November 21, 2025
On October 21, 2025, Oracle published a security advisory to address vulnerabilities in multiple products.
Included were security advisories for critical vulnerabilities CVE-2025-53072 and CVE-2025-62481 affecting Oracle E-Business products.
Update 1
On November 20, 2025, a proof of concept (PoC) for CVE-2025-61757 has been made available and open-source reporting indicated that exploitation has been observed since August 30, 2025.
Update 2
On November 21, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-61757 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.